Data breach announced by US’s Largest cookware giant Meyer

On Tuesday 15^th of February 2022, Meyer Corporation, the largest cookware distributor in the United States of America informed US Attorney General offices of a data breach because of a cyber-attack against the corporation back in October 2021. It is believed that the corporation became a target for a cyber-attack on October 25, 2021, and therefore in response, they launched an investigation which confirmed that threat actors had gained access to personal information belonging to employees of Meyer and its subsidiaries.

“On or around December 1, 2021, our investigation identified potential unauthorized access to Meyer employee information [including employees of Meyer’s subsidiaries Hestan Commercial Corporation, Hestan Smart Cooking, Hestan Vineyards, and Blue Mountain Enterprises, LLC],” – Meyer Corporation data breach notification.

It is believed that the personal information that may have been exposed included

• Full names
• Physical address
• Date of birth
• Gender
• Ethnicity
• Social Security number
• Health insurance information
• Medical condition
• Random drug screening results
• COVID vaccination cards
• Driver’s license
• Passports
• Government ID number
• Permanent resident cards
• Immigration status information
• Information on dependents

The group behind the incident is believed to be Conti Ransomware group who released a listing on their extortion site dating to November 7, 2021. Conti currently offers a ZIP file containing 2% of the allegedly stolen data. The Meyer Corporation has stated that they are offering two years of identity protection services, at no cost, to affected employees and their dependents.